1
Posted February 17, 2017 by Garth Holden in News
 
 

Microsoft delays a whole month’s worth of security updates due to one issue

microsoft-logo

Microsoft is very dedicated to the idea of a security patch bundle. In fact the security bundle for February isn’t going to happen at all, because of one issue in the bundle. Instead, that whole bundle will wait until March to fall on Patch Tuesday.

“Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today. After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.”

Microsoft doesn’t go on to explain what kind of issue there was, but it is confusing why an entire month’s worth of security updates has to be delayed due to a single error. Surely it would be better to release a smaller bundle of security patches, but at least close up new vulnerabilities?

The patch bundle policy has been criticised before, especially when it was first launched and Microsoft was no longer transparent with the content of security updates. In 2014, a vulnerability that Google found was only patched two days after Google had already given them 90 days to fix it before making it public. They two day delay was so that the patch would be included in the next Patch Tuesday update.

Source: Tom’s Hardware


Garth Holden

 
I like so many things that it would take me several lifetimes to get through them all. So I tell you about them, so you can choose where your time and money gets spent.